YouTube Spam Emails Carry Malicious JavaScript


Recommended Posts

YouTube Spam Emails Carry Malicious JavaScript

The code is obfuscated and included in the attached HTML file

Security researchers from German antivirus vendor Avira warn of a new spam campaign producing emails that masquerade as YouTube friend requests. The rogue emails have attached an HTML file containing obfuscated malicious JavaScript code.

“During the last few days we received a lot of mails with subjects like 'User <username> suggests you to become friends on YouTube,'” the Avira researchers announce. The “From” field has been forged to appear as if the emails originate from “YouTube Service.” <br style=""><br style="">

The attachement is an HTML document called “YouTube Message.html” and according to Avira, it contains obfuscated JavaScript code. If the file is opened in a browser this code will redirect the user to an external domain, from where they will be redirected once again onto a page loading malicious content via a hidden IFrame.

More plus screenshot here: http://news.softpedia.com/news/YouTube-Spam-Emails-Carry-Malicious-JavaScript-147107.shtml

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...